TYPO3 News & Events Hub
What’s New & What’s Coming
CSRF in extension "Change password for frontend users" (fe_change_pwd)
It has been discovered that the extension "Change password for frontend users" (fe_change_pwd) is susceptible to Cross-Site-Request-Forgery (CSRF).
Read moreMultiple vulnerabilities in extension "MKSamlAuth" (mksamlauth)
It has been discovered that the extension "MKSamlAuth" (mksamlauth) is susceptible to Broken Authentication and Authentication Bypass.
TYPO3 10.2.2, 9.5.13 and 8.7.30 security releases published
The TYPO3 Community announces the versions 10.2.2, 9.5.13 LTS and 8.7.30 LTS of the TYPO3 Enterprise Content Management System.
Insecure Deserialization in Query Generator & Query View
It has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
SQL Injection in low-level Query Generator
It has been discovered that TYPO3 CMS is vulnerable to SQL injection.
Directory Traversal on ZIP extraction
It has been discovered that TYPO3 CMS is vulnerable to directory traversal.
Cross-Site Scripting in Filelist Module
It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Cross-Site Scripting in Link Handling
It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting in Link Handling.
Cross-Site Scripting in Form Framework validation handling
It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
Possible Insecure Deserialization in Extbase Request Handling
It has been discovered that TYPO3 CMS can be vulnerable to insecure deserialization.
Cross-Site Scripting Vulnerabilities in File Upload Handling
It has been discovered that TYPO3 is susceptible to cross-site scripting.
Keep Your TYPO3 v7.6 Site Safe With ELTS
Software delivers the most value when fully updated and supported - your enterprise’s CMS is no exception. Keep your TYPO3 v7.6 website safe and increase your return on investment (ROI) by opting for our Extended Long Term Support (ELTS).
November 2019: Developer Appreciation Day (DAD)
On this Developer Appreciation Day (DAD), we’d like to appreciate all the hard working developers once more who continuously contribute to the TYPO3 Project: Thank you ever so much, folks! Find November's most important names and some really...
Announcing Selected Budget Ideas for 2020
The TYPO3 Association Budget Committee made a strategic selection of 9 topics to pursue from a pool of 13 submitted budget ideas. The committee invited not only TYPO3 Association members but also the whole TYPO3 community to sent in budget ideas....
TYPO3 Version 10.2 — Treasure Hunting!
TYPO3 v10.2 is out now — the last sprint release of the year. A lot of functionality was developed during the TYPO3 Initiative Week (T3INIT19) and TYPO3 v10.2 contains some of these components. We are excited to see that we made a big step forward to...
How We Chose to Support Xdebug
As an open-source service company, TYPO3 GmbH is based on creating revenue to support our open source software project. Since Xdebug saves our developers actual working time each day, we’ve decided to invest in one of three available support...
Skill Verification Access for the TYPO3 Academic Committee
Academic institutions are invited to set up their organization as part of a network of institutions that can verify TYPO3 skills according to the SkillDisplay SkillSets for TYPO3 CMS.
SkillDisplay - Find an Employee with the Web Skills You Really Need
By creating a job profile with SkillDisplay, a department can choose from a set of skills. Thus, they can assist the HR team with their requirements and the future employees as they can determine how much their skills match the job requirements.
How Is TYPO3 Performing in Your Agency?
How is TYPO3 performing in your agency? TYPO3 Partner DFAU conducted a survey among Association Members to find out about website project scopes and potential revenue losses. See all results and conclusions.
TYPO3 Initiative Week—Insider Report
TYPO3 Initiative Week was introduced this year to bring together members of TYPO3 Initiatives to drive development forward. Core development is now organized into Strategic Initiatives where teams can focus on a targeted effort on one task. This...